Note: This is an archival copy of Security Sun Alert 201005 as previously published on http://sunsolve.sun.com.
Latest version of this security advisory is available from http://support.oracle.com
as Sun Alert 1000757.1.

Security Vulnerabilities in Common Unix Printing System (CUPS) May Allow a Remote Unprivileged User to Execute Arbitrary Code

CategorySecurity

Release PhaseResolved

Bug Id
5102516

Date of Resolved Release07-OCT-2004

Impact

Due to improper command line and environment variable validation, a remote or local unprivileged user may be able to execute arbitrary commands with the privileges of the CUPS daemon (cupsd(8)), which is typically the unprivileged "lp" user. Furthermore, a remote Denial of Service (DoS) condition within CUPS may allow remote unprivileged users to cause the CUPS server to become unresponsive.

Note: The Common Unix Printing System (CUPS) is a cross-platform printing solution for all UNIX environments. It is based on the Internet Printing Protocol (IPP) and provides complete printing services to most PostScript and raster printers.

There are no reliable symptoms that would show the buffer overflow issue described has been exploited. The CUPS daemon cupsd(8) will become unresponsive when the Denial of Service (DoS) attack has been exploited.